Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS25369.roa
File: AS25369.roa (raw, json)
Hash identifier: 3U/z8/8PHbU2TWufuUsASSMqWdC8C2Zhug4GwflHI8c=
Subject key identifier: 09:29:BA:33:91:9B:2E:44:80:B0:A4:70:B6:64:5D:A2:DA:E3:31:39
Certificate issuer: /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial: 2BFE8DE3E54F0EF02C9F303BA6062CED058D6D1F
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS25369.roa
Signing time: Wed 10 Jun 2026 11:53:06 +0000
ROA not before: Wed 10 Jun 2026 11:48:06 +0000
ROA not after: Wed 09 Jun 2027 11:53:06 +0000
asID: 25369
IP address blocks: 51.146.69.0/24 maxlen: 24
51.194.168.0/22 maxlen: 24
51.194.176.0/22 maxlen: 24
51.194.184.0/22 maxlen: 24
78.105.159.0/24 maxlen: 24
78.105.171.0/24 maxlen: 24
78.105.190.0/24 maxlen: 24
78.105.205.0/24 maxlen: 24
78.105.213.0/24 maxlen: 24
188.220.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:fe:8d:e3:e5:4f:0e:f0:2c:9f:30:3b:a6:06:2c:ed:05:8d:6d:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Validity
Not Before: Jun 10 11:48:06 2026 GMT
Not After : Jun 9 11:53:06 2027 GMT
Subject: CN=0929BA33919B2E4480B0A470B6645DA2DAE33139
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:79:6d:30:22:3a:4d:c6:40:30:4a:fa:a1:38:
49:4e:ab:55:34:e7:a7:ed:db:60:d8:48:1e:3f:b0:
ab:21:0b:40:4b:4a:96:97:38:ea:89:52:28:17:a2:
66:2d:4f:5b:b3:a3:c2:d2:0c:29:38:1d:54:ab:46:
fc:bd:b4:b9:c5:ea:2b:39:d2:0c:3c:8d:5c:46:39:
ff:80:4e:6c:7e:b2:cd:70:80:8e:2a:80:ec:22:01:
fe:45:4d:0f:86:04:8f:e3:2c:f4:8f:fb:09:c1:a0:
71:86:91:98:11:2e:a6:03:ea:fd:03:4c:d3:07:ec:
1e:aa:5b:5f:b8:c7:31:7c:b4:2d:0c:cb:3e:48:97:
9b:b2:40:7f:f4:94:99:6a:cb:8d:b4:c1:b8:ee:47:
66:71:d9:99:53:5d:26:f1:86:4d:a0:d8:3f:74:b5:
cd:b3:da:e1:f1:2d:a8:d8:91:88:58:82:b1:45:64:
a4:6e:d2:9e:2c:bb:ad:21:2c:70:9f:8f:f9:66:4d:
2e:8f:97:cf:86:2f:f0:2d:a5:a7:f9:e9:7e:8e:67:
30:47:f2:76:4e:26:59:ab:59:b3:98:94:9e:f1:3b:
c4:7e:e6:b8:bb:39:45:db:2e:91:3e:c8:78:3a:06:
f1:5d:2e:4e:05:37:5c:3a:3b:e1:d1:b3:07:4e:36:
26:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:29:BA:33:91:9B:2E:44:80:B0:A4:70:B6:64:5D:A2:DA:E3:31:39
X509v3 Authority Key Identifier:
keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS25369.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.146.69.0/24
51.194.168.0/22
51.194.176.0/22
51.194.184.0/22
78.105.159.0/24
78.105.171.0/24
78.105.190.0/24
78.105.205.0/24
78.105.213.0/24
188.220.97.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:96:d7:b8:05:df:1f:28:f5:43:bf:8d:7b:67:9a:e0:f4:c8:
f9:37:fd:f1:1f:1b:7d:7d:22:82:20:d9:72:bb:04:e5:32:d4:
2d:51:30:79:27:80:21:95:ec:e8:b4:d9:96:f4:a8:e0:1b:cf:
6d:68:60:97:55:9d:c4:f7:2f:53:0c:09:fc:38:43:84:19:af:
2c:8f:96:cb:b8:f4:5d:04:b8:2b:1f:94:3f:b7:aa:f3:8a:fc:
f8:3a:de:f3:ea:41:39:2d:60:91:03:3a:e7:9b:ac:ea:f4:4d:
d2:d8:1f:5c:09:a7:54:01:77:84:59:5d:af:72:7c:1c:08:1a:
d3:7e:5d:0f:c4:98:26:1c:55:f5:fe:4e:48:09:65:51:3c:1c:
1c:4a:c3:23:e9:38:04:21:cf:cd:56:cf:ce:b4:7d:5c:64:1e:
8f:97:a6:bb:43:fe:ca:cf:97:83:6f:87:89:0f:bc:de:68:a7:
60:44:49:d7:8a:d8:f7:03:19:f8:b5:be:30:39:0b:ba:85:9e:
6f:29:64:2a:40:1c:68:f6:0e:52:35:48:0a:ca:30:f7:4f:9a:
5e:e2:15:bf:0d:16:36:5c:3b:74:e1:30:59:d6:1b:b6:9c:90:
b4:27:41:e4:21:0d:cd:c0:0e:01:48:1c:a6:2e:b7:f9:2d:3f:
e7:d4:cb:d5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUK/6N4+VPDvAsnzA7pgYs7QWNbR8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjA2MTAxMTQ4MDZaFw0yNzA2MDkxMTUzMDZaMDMxMTAvBgNV
BAMTKDA5MjlCQTMzOTE5QjJFNDQ4MEIwQTQ3MEI2NjQ1REEyREFFMzMxMzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbeW0wIjpNxkAwSvqhOElOq1U0
56ft22DYSB4/sKshC0BLSpaXOOqJUigXomYtT1uzo8LSDCk4HVSrRvy9tLnF6is5
0gw8jVxGOf+ATmx+ss1wgI4qgOwiAf5FTQ+GBI/jLPSP+wnBoHGGkZgRLqYD6v0D
TNMH7B6qW1+4xzF8tC0Myz5Il5uyQH/0lJlqy420wbjuR2Zx2ZlTXSbxhk2g2D90
tc2z2uHxLajYkYhYgrFFZKRu0p4su60hLHCfj/lmTS6Pl8+GL/Atpaf56X6OZzBH
8nZOJlmrWbOYlJ7xO8R+5ri7OUXbLpE+yHg6BvFdLk4FN1w6O+HRswdONiYDAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUCSm6M5GbLkSAsKRwtmRdotrjMTkwHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzk2ZTRhYzg2LTE4MDMt
NDk0ZC04YTdiLWMwNTFhNjMxMDc1Mi8wL0FTMjUzNjkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVQYIKwYBBQUHAQcBAf8ERjBEMEIEAgABMDwDBAAzkkUD
BAIzwqgDBAIzwrADBAIzwrgDBABOaZ8DBABOaasDBABOab4DBABOac0DBABOadUD
BAC83GEwDQYJKoZIhvcNAQELBQADggEBAJuW17gF3x8o9UO/jXtnmuD0yPk3/fEf
G319IoIg2XK7BOUy1C1RMHkngCGV7Oi02Zb0qOAbz21oYJdVncT3L1MMCfw4Q4QZ
ryyPlsu49F0EuCsflD+3qvOK/Pg63vPqQTktYJEDOuebrOr0TdLYH1wJp1QBd4RZ
Xa9yfBwIGtN+XQ/EmCYcVfX+TkgJZVE8HBxKwyPpOAQhz81Wz860fVxkHo+XprtD
/srPl4Nvh4kPvN5op2BESdeK2PcDGfi1vjA5C7qFnm8pZCpAHGj2DlI1SArKMPdP
ml7iFb8NFjZcO3ThMFnWG7ackLQnQeQhDc3ADgFIHKYut/ktP+fUy9U=
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:37:48 2026 by rpki-client